[Alpine-info] invalid_grant error AADSTS70043: expired or invalid refresh token

[Brad Chamberlain]

Hi Eduardo —

Thanks for the tips!  I guess I didn't say in my original message, but 
when the failure originally occurred (upon running 'alpine'), the reason 
for the failure was completely unclear.  It just said something vague like 
"unable to open INBOX" or the like.

It was only when trying to manually reopen the INBOX as you describe that 
I was able to see the more detailed error message and copy-paste it into 
my queries here.

I kept hoping that I'd eventually get the device login prompt and web 
redirect if I waited long enough or restarted enough times or tried 
reopening it enough times, but I never did.  It was only when re-running 
with the '-erase_stored_passwords' flag that I was offered the chance to 
do a new device login / get a new token from Outlook.

If I were to get into this situation again, are there other ways to force 
getting a new refresh token other than using that flag, or did I end up 
finding the best practice?

Thanks again!
-Brad



On Tue, 18 Jul 2023, Eduardo Chappa wrote:


> On Mon, 17 Jul 2023, Chamberlain, Brad wrote:

>

>> Hello alpine community —

>> 

>> I returned from a week's vacation this morning, fired up alpine and have

>> been getting error messages that are unfamiliar to me.  Upon trying to open

>> my inbox, I get:

>>

>>       [>Code 400: invalid_grant: AADSTS70043: The refresh token has expired

>> or is invalid due to sign-in frequenc<]

>

> Dear Brad,

>

>  the issue is that the refresh token was revoked by the server. Who knows 

> why that happen. It was an internal policy. Tokens can be revoked for several 

> reasons, including, but not limited to, expiration: The refresh token has 

> outlived its validity; change in account settings: for example, change in the 

> password; confirmation of account settings: checking that your information is 

> up-to-date. Apparently you hit another one: not loging into your account for 

> a week.

>

>  When this happens simply try to reopen your INBOX. For example, if the 

> error happens when you are opening Alpine, a failure to open your inbox will 

> put you in a screen from where you need to navigate to your INBOX and then 

> try to open int again. This time Alpine will display the screen to grant 

> authorization to Alpine and create the refresh token  that you can use in the 

> future.

>

>> And when trying to send a mail, I get the similar error:

>>

>>       [>Error sending: Code 400: invalid_grant: AADSTS70043: The refresh

>> token has expired or is invali<]

>

> The refresh token that is used to login to your inbox is the same that is 

> used to login to your smtp server. Revocation of the refresh token will 

> prevent you from reading your inbox and sending email. It is an "all or none" 

> scheme.

>

> I hope this helps.

>

> -- 

> Eduardo